Results 1 to 3 of 3

Thread: Say Hi to the mouse click capturing Trojan

  1. #1

    Say Hi to the mouse click capturing Trojan

    Security researchers have discovered a keylogging Trojan that captures mouse clicks as well as key strokes. PWSteal-Bancos-Q targets customers of online banking and financial institutions primarily in Brazil. However Australian anti-virus firm PC Tools warns that variants could be created to affect additional online financial sites worldwide.

    As well as capturing user keystrokes, PWSteal-Bancos-Q also takes snapshots of the users' mouse clicks and then sends the captured information via file transfer protocol (FTP) to the Trojan's author. The technique is designed to overcome the use of virtual keyboards by many online banking sites in an effort to avoid keylogger infections.

    It's unclear how effective the mouse click capturing technique is in practice, but the appearance of the malware indicates a further refinement in malware creation techniques by virus writers. VXers previously created Trojans, such as VB-HV, that are capable of taking screenshots of the systems of infected users.

  2. #2
    Senior Member
    Join Date
    Jul 2003
    Posts
    114
    It just keeps geeting harder to make online banking safe...
    I haven't had a chance to take a look at the code but regarding the
    unclear how effective the mouse click capturing technique is in practice
    issue, all it takes for the e-Pin code capture to be effecient is a filename format like dd/mm/yy-hour/minute/second to know the exact sequence.

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    This is actually quite an old concept. We used to use it (and a keylogger) to put together user training sessions. We recorded keystrokes, mouse movement and mouse clicks, and a voiceover.

    Sad that people find malicious uses for what was originally perfectly legitimate software. This is the answer of course:

    The technique is designed to overcome the use of virtual keyboards by many online banking sites in an effort to avoid keylogger infections.
    I have no idea as to how good they are, I will have to try it with some of my old training course apps. Mind you, the banks may well have some modern countermeasures that I cannot emulate.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •